Author
Topic: Blocking Netscan/port scans? (Read 180 times)

I'm curious if there is a way to auto block port scanning? Some kind of stealth mode maybe? What I'm seeing in my logs is a bunch of deny's which is great, but seems I'm often being hit on port 23 (denied).. which is of course telnet, and I don't have it open same for rdp ports and many others that are always being hit by the same ip over and over. I'm assuming it's a botnet trying to find a way in or someone trying to brute-force. I see there is intrusion detection which I turned on then the next day turned off because it seemed to cut my internet speed from 400mb to like 40mb? Maybe that's a configuration issue? Any help is greatly appreciated.